CVE-2012-2227

Published: Aug 26, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

53348

vdb-entry

x_refsource_BID

https://www.htbridge.com/advisory/HTB23086

x_refsource_MISC

18828

exploit

x_refsource_EXPLOIT-DB

20120502 Local File Inclusion in PluXml

mailing-list

x_refsource_BUGTRAQ

pluxml-index-file-include(75330)

vdb-entry

x_refsource_XF

49026

third-party-advisory

x_refsource_SECUNIA

81638

vdb-entry

x_refsource_OSVDB

http://www.pluxml.org/article59/sortie-de-pluxml-5-1-6

x_refsource_CONFIRM

http://telechargements.pluxml.org/changelog

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-2227

Description

Affected Products

References